Back to API Bites
December 2025 AI Gateway Product Update
Since the announcement of the Cequence AI Gateway in July 2025, we’ve seen dramatic interest and rapid adoption as organizations endeavor to move their agentic AI projects from prototypes to production in a rapid, secure manner. Two of the foundational principles behind the development of the AI Gateway were “security built in, not bolted on” and “enterprise readiness.” We’ve built in security features like real-time monitoring and visibility, authentication, authorization, and guardrails, and of course it’s all integrated with the Cequence Unified Application Protection platform. Recent feature improvements enable large organizations to roll out their agentic API projects into production with robust security, networking, and infrastructure capabilities.
Private Cloud Deployment
AI Gateway can be delivered as a SaaS-based solution in the Cequence cloud requiring no customer infrastructure, and now also supports deployment in the customer’s private cloud. Private cloud deployments enable organizations to run Cequence AI Gateway MCP servers within their own infrastructure while maintaining centralized management and orchestration from the cloud control plane.
- Centralized Control – The control plane, including management and orchestration, runs in Cequence Cloud
- Sensitive Data Stays On-Premises – The data plane, including MCP servers, customer data, logging, and data processing, runs in the customer’s private infrastructure
- Broad Infrastructure Support – Supports AWS EKS, GCP GKE, Azure AKS, OpenShift, and any Kubernetes environment
MCP to MCP Server Connectivity
AI Gateway now has the ability to not only create MCP servers that connect to enterprise and SaaS applications, but also directly connect to other MCP servers. This enables the organization to maintain control and visibility over connections to third-party MCP servers such as those from trusted vendors. Without AI Gateway, admins lack any real visibility into the usage of third-party or customer-hosted MCP servers.
- Visibility – AI Gateway provides full visibility into the tool calls and traffic between MCP servers
- Monitored and Verified – Every connection is verified, monitored, and protected by AI Gateway’s security guardrails
- AuthN & AuthZ – Leverages AI Gateway’s built-in authentication and authorization capabilities
Network Policies
AI Gateway now supports network policies that strengthen overall security posture with enterprise-grade network controls for MCP access.
- IP-Based Access Control – Enables AI Gateway admins to define allowlists and blocklists that only allow MCP access from specified IP ranges. This feature, coupled with the zero trust principles followed by the AI Gateway (e.g., continuous authentication and authorization) ensures only authorized users and agents can access the AI Gateway and connected MCP servers.
- Session Binding Protection – The AI Gateway automatically locks authenticated sessions to the originating IP address, preventing token theft and unauthorized reuse. This stops attacks like the Salesloft Breach where OAuth tokens were exfiltrated from the Salesloft AI chatbot and used elsewhere to bypass security controls.
- Configuration Drift Prevention – As a central management hub for MCP endpoints, AI Gateway can enforce consistent network policies across all your MCP endpoints, preventing configuration deviation from the baseline.
New Application Integrations
AI Gateway’s ever-expanding catalog of application integrations is now at over 140 applications. These integrations make connecting to an application fast and easy, and every app is curated and verified to meet Cequence security and compatibility standards. Recent integrations include Grafana, Grafana Tempo MCP, Google Chronicle, LinkedIn Advertising MCP, Databricks, PagerDuty, and many more.
Ready to see a demo of these features? Contact us and we’ll set up some time to walk through them with you.
